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Top Stories 

• The Santa Clara County Public Health Department reported October 28 that the number of 
cases in a Shigella outbreak rose to 190 after being linked to consumption from the 
Mariscos San Juan restaurant. - San Jose Mercury News (See item 12) 

• Sanofi issued a recall October 28 for approximately 490,000 packs of Auvi-Q epinephrine 
injectors used to treat severe allergic reactions following 26 reports of malfunctions with 
the injectors. - Associated Press (See item 20) 

• A security expert reported October 28 that 13 million personal user records from the free 
web hosting service, 000webhost.com were compromised after its main server was 
exploited via a flaw in its old version of PHP. - Securityweek (See item 24) 

• Mapunapuna officials reported October 28 that a building supply company housing 17 
businesses sustained extensive damage October 27 after a 3-alarm fire caused 
approximately $5.5 million in damages. - Honolulu Star-Advertiser (See item 30) 
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Energy Sector 



1. October 28, WTNH 8 New Haven - (Connecticut) Crews battle heavy blaze at oil 
plant in Stratford. Fire crews spent several hours containing an October 27 fire at 
Total Petrochemicals and Refining in Stratford, Connecticut, which prompted an 
evacuation due to heavy smoke inside the building. Officials are investigating the cause 
of the fire. 

Source: http://wtnh.com/2015/10/28/crews-battle-heavv-blaze-at-oil-plant-in-stratford/ 

2. October 28, Associated Press - (National) 187 new ethanol pumps coming to Iowa; 

5.000 across the USA. The U.S. Department of Agriculture announced October 28 that 
it will contribute $100 million to help install nearly 5,000 ethanol fuel pumps in 21 
States to increase the availability of the corn-based fuel. 

Source: http://www.kcci.com/news/187-new-ethanol-pumps-coming-to-iowa-5000- 
across-the-usa/36102332 

3. October 28, Fresno Bee - (California) State fines Fresno County for gas pipeline 
explosion. The California Occupational Safety and Health Administration issued a 
$101,125 fine to Fresno County for its role in an April 17 gas line explosion that killed 
a Fresno County Jail inmate worker and injured 12 others after a county worker severed 
a 12-inch Pacific Gas and Electric Co., gas line. The county received 4 serious 
violations and 1 general violation including not properly surveying the site beforehand 
to determine predictable hazards to employees. 

Source: http://www.fresnobee.com/news/local/article41759715.html 

4. October 28, Associated Press - (National) Gulf states, Transocean settle over 2010 
spill damages. Transocean acknowledged that it reached settlement agreements 
October 27 with Florida, Mississippi, Alabama, Louisiana, and Texas regarding the 
2010 BP oil spill in which 1 1 workers were killed when the Deepwater Horizon rig 
exploded and spilled an estimated 134 million gallons of oil into the Gulf of Mexico. 
Source: http://www.montgomervadvertiser.com/story/news/2015/10/28/gulf-states- 
transocean- settle-over-20 1 0-spill- 

damages/74772510/?from=global&sessionKey=&autologin = 

Chemical Industry Sector 

See item 1 

Nuclear Reactors, Materials, and Waste Sector 

Nothing to report 

Critical Manufacturing Sector 

5. October 28, Detroit News - (International) Ford issues three new recalls covering 

131.000 vehicles. Ford Motor Company issued a recall October 28 for 129,000 model 
year 2009 - 2010 Ford Edge and Lincoln MKX SUVs for rust issues under 
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reinforcement brackets that could lead to leaks and fires in the fuel tank when exposed 
to road salt. The recall also includes 1,900 model year 2016 Ford Mustang vehicles that 
may have suffered damage to its restraint parts during shipping prior to installation. 
Source: http://www.detroitnews.com/story/business/autos/ford/2015/10/28/ford-issues- 
three-new-recalls-covering-vehicles/74730186/ 

Defense Industrial Base Sector 

Nothing to report 

Financial Services Sector 

6. October 28, Buffalo News - (New York) Falls businessman who shot brother-in-law 
pleads guilty to bank fraud. A suspect serving a prior prison sentence for attempted 
murder pleaded guilty October 28 in a Buffalo district court to defrauding M&T Bank 
of $177,500 by cashing 42 checks from an overdrawn company account from the now- 
defunct Electro-Dyne Choke Corp., between November 2012 and March 2013. The 
suspect had the company’s payroll firm issue payroll checks to himself and another 
individual from bank accounts that did contain enough money. 

Source: http://www.buffalonews.com/city-region/niagara-falls/falls-businessman-who- 
shot-brother-in-law-pleads-guiltv-to-bank-fraud-20151028 

7. October 28, Bloomberg News - (New York) Goldman agrees to pay $50 million to 
settle N.Y. Fed leak case. Goldman Sachs Group Inc., reached a $50 million 
settlement and accepted a 3-year suspension on some advisory capacities within New 
York October 28 following allegations of unauthorized access to classified documents 
from the Federal Reserve Bank of New York. The case involves a Federal Reserve 
employee who provided a client’s confidential information to a Goldman Sachs 
employee, who then circulated the information to senior personnel. 

Source: http://www.bloomberg.com/news/articles/2015-10-28/goldman-agrees-to-pav- 
50-million-to-settle-n-y-fed-leak-case 

8. October 28, Chicago Tribune - (Illinois) Politician goes from speaker to felon, but 
his dark past still a mystery. A U.S. politician plead guilty October 28 in a Federal 
courtroom in Chicago to charges related to allegations of illegally structuring more than 
$3.5 million in bank account withdrawals to avoid financial reporting requirements as 
part of a payout to cover up alleged wrongdoing. 

Source: http://www.chicagotribune.com/news/local/breaking/ct-dennis-hastert-guilty- 
plea-hearin g-met-20 151027 -story.html 

Transportation Systems Sector 

9. October 29, Jacksonville WJXX 10/ WTLV 12 - (Florida) Philadelphia-to- 
Jacksonville flight makes emergency landing in N.C. A Republic Airlines flight 
headed to Jacksonville from Philadelphia made an emergency landing at Raleigh- 
Durham International Airport October 28 due to smoke in the cockpit that caused 
delays. The U.S. Federal Aviation Administration is investigating the cause of the 
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smoke. 

Source: http://www.firstcoastnews.com/story/travel/2015/10/28/emergencv-landing- 
philly-to-iax-flight-raleigh/74769348/ 

10. October 28, Nj.com - (New Jersey) Stormy weather causes long flight delays at area 
airports. The U.S. Federal Aviation Administration reported October 28 that heavy 
clouds prompted a ground control program to be in effect at Teterboro Airport, causing 
arrival delays of more than 5 hours and nearly 300 flights to be delayed and cancelled 
at Newark Liberty, and the region’s 2 other commercial airports. 

Source: 

http://www.ni.com/news/index.ssf/2015/10/cloud cover wreaks havoc on flights at 
area airpor.html 

1 1 . October 28, Minneapolis- Star Tribune - (Minnesota) Hwy. 100 reopens after 3-hour 
closure. A stretch of Hwy. 100 in St. Louis Park was shut down for 3 hours October 28 
while officials negotiated with a person threatening to jump off a bridge. The person 
was taken to an area hospital and authorities reopened the highway. 

Source: http://www.startribune.com/hwv-100-reopens-after-3-hour-closure/337974381/ 

Food and Agriculture Sector 

12. October 29, San Jose Mercury News - (California) Shigella outbreak reaches 190 
reported cases. The Santa Clara County Public Health Department reported October 
28 that the number of cases in a Shigella outbreak rose to 190. The cause of the 
outbreak remains under investigation but officials believe that nearly all cases stem 
from food served at the Mariscos San Juan restaurant between October 16 and October 
17. 

Source: http://www.mercurvnews.com/crime-courts/ci 29039614/shigella-outbreak- 
reaches- 1 90-reported-cases 

13. October 29, U.S. Food and Drug Administration - (National) Helados La Tapatia, 

Inc. recalls products because of possible allergens. Fresno, California-based Helados 
La Tapatia issued a voluntary recall October 27 for 13 milk based ice cream products 
and 1 granola based product due to undeclared soy, egg, or almond allergens 
discovered during a routine inspection. The products were distributed in retail stores in 
Arizona, California, Nevada, and Washington. 

Source: http://www.fda.gov/Safety/Recalls/ucm469793.htm 

14. October 29, U.S. Food and Drug Administration - (Oregon) CSFPDX of Garibaldi, 
Oregon is issuing a voluntary recall on all 64 oz. (4Lbs.) canned Wild Albacore 
Tuna because of a possible health risk. Garibaldi, Oregon-based CSFPDX LLC 
issued a voluntary recall October 27 of all its CS Fishery Wild Albacore Tuna products 
canned by Skipanon Brand Seafoods LLC due to potential Clostridium botulinum 
contamination. Products were sold to consumers in retail stores and wholesalers 
throughout Oregon. 

Source: http://www.fda.gov/Safety/Recalls/ucm469962.htm 
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15. October 28, WLNS 9 Lansing - (Michigan) “Uncle John’s Cider Mill” resume cider 
sales after E. coli bacteria come back negative. Uncle John’s Cider Mill in St. Johns 
resumed the sale of its cider October 28 following negative test results for E. coli after 
initial testing revealed positive results for the Shiga-toxin producing E. coli bacteria, 
prompting the temporary cessation of sales October 27 pending follow-up tests. 

Source: http://wlns.com/2015/10/27/uncle-iohns-cider-mill-tests-positive-for-shiga- 
toxin-producing-e-coli-bacteria/ 

16. October 28, U.S. Food and Drug Administration - (National) Herr's announces 
voluntary recall of select bags of 1.875 oz. Sour Cream and Onion Potato Chips 
with packaging error. Herr Foods Inc., issued a voluntary recall October 27 for 
certain 1.875 ounce bags of its Sour Cream and Onion Potato Chip products due to 
misbranding after the products were labeled as gluten free while containing wheat. The 
potato chips were distributed nationwide through retail stores, distributors, and Internet 
sales. 

Source: http://www.fda.gov/Safety/Recalls/ucm469966.htm 

17. October 28, U.S. Food and Drug Administration - (Washington) Sockeye Suzy's Fish 
Co issuing a voluntary recall on all canned seafood products because of a possible 
health risk. White Swan, Washington-based Sockeye Suzy’s Fish Co., issued a 
voluntary recall October 28 for all canned catfish, salmon, sturgeon, and walleye 
products due to potential Clostridium botulinum contamination following a Skipanon 
Brand Seafoods LLC recall prompted by potential under-processing. The products were 
sold to consumers in retail stores and wineries throughout Washington. 

Source: http ://www .fda. gov/S afety/Recalls/ucm469970.htm 

18. October 28, WTOV 9 Steubenville - (West Virginia) 5 treated after ammonia leak at 
Ziegenfelder’s. An ammonia leak at Ziegenfelder Frozen Treat Company in Wheeling 
sent five workers to area hospitals for exposure, and prompted an evacuation and 
closure of the building. Officials stated that the issue was contained and that the facility 
will reopen following an investigation. 

Source: http://wtov9.com/news/local/breaking-possible-explosion-and-fire-at- 
ziegenf elders -in- wheelin g 

For another story, see item 2 

Water and Wastewater Systems Sector 

19. October 29, WSPA 7 Spartanburg - (South Carolina) 33k gallons of sewage spills in 
Henderson Co. The City of Hendersonville’s Wastewater Collection System reported 
that crews were working to clean up approximately 33,000 gallons of sewage after 
excessive rainfall and flooding caused a spill from a man hole October 28. 

Source: http://wspa.com/2015/10/29/33k-gallons-of-sewage-spills-in-henderson-co/ 

Healthcare and Public Health Sector 

20. October 28, Associated Press - (International) Sanofi recalls all injectors used for 
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allergic reactions. Sanofi issued a recall October 28 for approximately 490,000 packs 
of Auvi-Q epinephrine injectors used to treat severe allergic reactions following 26 
reports of malfunctions with the injectors that may not deliver the correct amount of the 
drug. 

Source: http://abcnews.go.com/Business/wireStorv/sanofi-recalls-pen-injectors- 
allergic-reactions-34805509 

Government Facilities Sector 

21. October 28, Associated Press - (Kentucky) Manhunt for accused cop-shooting 
fugitive forces Kentucky schools to close for 3rd day. Cumberland County schools 
cancelled classes October 29 for the third straight day in a row, while police search for 
a fugitive accused of shooting at law enforcement officers in Tennessee and Kentucky. 
Source: http://www.foxnews.com/us/2015/10/28/manhunt-for-accused-cop-shooting- 
fugitive-forces-kentucky-schools-to-close-for/ 

Emergency Services Sector 

22. October 28, Louisville Courier- Journal - (Kentucky) Source of ammonia leak found 
at LMPD building. A Louisville Metro Police Department facility was evacuated for 2 
hours October 28 after an ammonia leak in a property room caused 5 people to fall ill 
and be transported to an area hospital. The spill originated from a package dropped off 
by 2 employees in the room and workers were allowed to re-enter the building once air 
quality levels returned to normal. 

Source: http://www.courier-iournal.com/storv/news/crime/2015/10/28/ammonia-leak- 
reported-lmpd-buildin g/7 47 44060/ 

23. October 27, Pittsburgh Tribune-Review - (Pennsylvania) 5 western Pennsylvania 
counties experience 911 outages. Butler, Cambria, Somerset, Indiana, Armstrong, and 
Westmoreland counties in western Pennsylvania lost 9-1-1 service for approximately 4 
hours October 27 due to an issue with the telephone provider that connects the 9-1-1 
centers. 

Source: http://triblive.com/news/butler/9332039-74/county-residents-butler 

Information Technology Sector 

24. October 29, Securityweek - (International) 13 million passwords leaked from free 
hosting service. A security expert reported October 28 that 13 million personal user 
records including names, emails, and plaintext passwords from the free web hosting 
service, 000webhost.com were compromised after its main server was exploited via a 
flaw in its old version of PHP. To mitigate future breaches, OOOwebhost updated its 
systems, increased its encryption, and changed all passwords. 

Source: http://www.securitvweek.com/13-million-passwords-leaked-free-hosting- 
service 

25. October 29, Securityweek - (International) Several flaws patched in Xen Hypervisor. 
Researchers from Xen Project released a total of nine advisories addressing recently 
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patched Xen hypervisor vulnerabilities including hypercall issues leveraged to cause a 
denial-of-service (DoS) condition via repeated logging to the hypervisor console, 
privilege escalation vulnerability, and a multicall issue exploited via a malicious guest 
to crash a host, amongst other patched security holes after experts from Citrix, Alibaba, 
and SUSE discovered each vulnerability. 

Source: http://www.securitvweek.com/several-flaws-patched-xen- 

hypervisor?utm source=feedbumer&utm medium=feed&utm campaign=Feed%3A+S 

ecurityweek+%28SecurityWeek+RSS+Feed%29 



26. October 28, Securityweek - (International) “Chikdos” Malware abuses MySQL 
Servers for DDoS attacks. Researchers from Symantec reported that the Chikdos 
trojan malware designed to hijack both Finux and Windows, recently targeted MySQF 
servers via a malicious user-defined function (UDF) working as a downloader trojan 
(Downloader.Chikdos) that allows actors to conduct distributed denial-of-service 
(DDoS) attacks via SQF injection attacks. Symantec data confirms the most infected 
MySQF servers were located in India, China, Brazil, Holland, and the U.S. 

Source: http://www.securitvweek.com/chikdos-malware-abuses-mvsql-servers-ddos- 
attacks 



27. October28, Securityweek - (International) Infinite Automation patches flaws in 

SCADA/HMI product. Infinite Automation Systems released an updated version of its 
Mango Automation product patching a series of vulnerabilities after researchers from 
ICS-CERT discovered unrestricted fire upload, information exposure, SQF injection, 
and cross-site scripting vulnerabilities. The version fixed all the flaws except an OS 
command injection and a cross-site request forgery (CSRF) flaw. 

Source: http://www.securitvweek.com/infinite-automation-patches-flaws-scadahmi- 
product 



Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or 
visit their Web site: http://www.us-cert.gov 

Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and 
Analysis Center) Web site: http://www.it-isac.org 



Communications Sector 

Nothing to report 

Commercial Facilities Sector 

28. October 29, Reuters - (Indianapolis) Three people shot at Indianapolis mall: police. 
Indianapolis Metropolitan Police reported October 29 that 3 people were shot and 
injured inside a Target Store located at the Washington Square Mall October 28 after a 
gunman opened fire inside the facility. The injured were taken to area hospitals for non- 
life threating wounds and the incident remains under investigation. 

Source: http://www.reuters.com/article/2Q15/10/29/us-indiana-shooting- 
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29. October 28, Fresno Bee - (California) Fresno Chaffee Zoo reopens after evacuation 
for natural gas leak. An October 28 gas leak prompted the evacuation of a few 
hundred of guests and staff from Fresno Chaffee Zoo for about 3 hours while crews 
repaired a ruptured 2-inch plastic service line severed by a private contractor. 

Source: http://www.fresnobee.com/news/local/article41696784.html 

30. October 28, Honolulu Star-Advertiser - (Hawaii) Fire causes $5.5 million damage to 
Mapunapuna businesses. Mapunapuna officials reported October 28 that a building 
supply company housing 17 businesses sustained extensive damage October 27 after a 
3-alarm fire caused approximately $5.5 million in damages. Fire crews remained on 
site for nearly 21 hours extinguishing the blaze and the cause of the incident is under 
investigation. 

Source: 

http://www.staradvertiser.com/news/breaking/20151027 Firefighters respond to three 
alarm fire in Mapunapuna.html?id=3378 15871 

Dams Sector 

Nothing to report 
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NTAS 



NO ACTIVE ALERTS 
wwvv.DHS.gov/alerts 



Department of Homeland Security (DHS) 

DHS Daily Open Source Infrastructure Report Contact Information 

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday 
through Friday] summary of open-source published information concerning significant critical 
infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for 10 days on 
the Department of Homeland Security Web site: http://www.dhs.gov/lPDailvReport 

Contact Information 

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS 

Daily Report Team at (703) 942-8590 

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow 

instructions to Get e-mail updates when this information changes . 

Removal from Distribution List: Send mail to support@govdelivery.com . 



Contact DHS 

To report physical infrastructure incidents or to request information, please contact the National Infrastructure 
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201. 

To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit 
their Web page at www.us-cert.gov . 

Department of Homeland Security Disclaimer 

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform 
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright 
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source 
material. 
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